1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
|
// SoftEther VPN Source Code
// Cedar Communication Module
//
// SoftEther VPN Server, Client and Bridge are free software under GPLv2.
//
// Copyright (c) 2012-2014 Daiyuu Nobori.
// Copyright (c) 2012-2014 SoftEther VPN Project, University of Tsukuba, Japan.
// Copyright (c) 2012-2014 SoftEther Corporation.
//
// All Rights Reserved.
//
// http://www.softether.org/
//
// Author: Daiyuu Nobori
// Comments: Tetsuo Sugiyama, Ph.D.
//
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// version 2 as published by the Free Software Foundation.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License version 2
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
// EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
// IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
// CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
// TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
// SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
//
// THE LICENSE AGREEMENT IS ATTACHED ON THE SOURCE-CODE PACKAGE
// AS "LICENSE.TXT" FILE. READ THE TEXT FILE IN ADVANCE TO USE THE SOFTWARE.
//
//
// THIS SOFTWARE IS DEVELOPED IN JAPAN, AND DISTRIBUTED FROM JAPAN,
// UNDER JAPANESE LAWS. YOU MUST AGREE IN ADVANCE TO USE, COPY, MODIFY,
// MERGE, PUBLISH, DISTRIBUTE, SUBLICENSE, AND/OR SELL COPIES OF THIS
// SOFTWARE, THAT ANY JURIDICAL DISPUTES WHICH ARE CONCERNED TO THIS
// SOFTWARE OR ITS CONTENTS, AGAINST US (SOFTETHER PROJECT, SOFTETHER
// CORPORATION, DAIYUU NOBORI OR OTHER SUPPLIERS), OR ANY JURIDICAL
// DISPUTES AGAINST US WHICH ARE CAUSED BY ANY KIND OF USING, COPYING,
// MODIFYING, MERGING, PUBLISHING, DISTRIBUTING, SUBLICENSING, AND/OR
// SELLING COPIES OF THIS SOFTWARE SHALL BE REGARDED AS BE CONSTRUED AND
// CONTROLLED BY JAPANESE LAWS, AND YOU MUST FURTHER CONSENT TO
// EXCLUSIVE JURISDICTION AND VENUE IN THE COURTS SITTING IN TOKYO,
// JAPAN. YOU MUST WAIVE ALL DEFENSES OF LACK OF PERSONAL JURISDICTION
// AND FORUM NON CONVENIENS. PROCESS MAY BE SERVED ON EITHER PARTY IN
// THE MANNER AUTHORIZED BY APPLICABLE LAW OR COURT RULE.
//
// USE ONLY IN JAPAN. DO NOT USE IT IN OTHER COUNTRIES. IMPORTING THIS
// SOFTWARE INTO OTHER COUNTRIES IS AT YOUR OWN RISK. SOME COUNTRIES
// PROHIBIT ENCRYPTED COMMUNICATIONS. USING THIS SOFTWARE IN OTHER
// COUNTRIES MIGHT BE RESTRICTED.
//
//
// SOURCE CODE CONTRIBUTION
// ------------------------
//
// Your contribution to SoftEther VPN Project is much appreciated.
// Please send patches to us through GitHub.
// Read the SoftEther VPN Patch Acceptance Policy in advance:
// http://www.softether.org/5-download/src/9.patch
//
//
// DEAR SECURITY EXPERTS
// ---------------------
//
// If you find a bug or a security vulnerability please kindly inform us
// about the problem immediately so that we can fix the security problem
// to protect a lot of users around the world as soon as possible.
//
// Our e-mail address for security reports is:
// softether-vpn-security [at] softether.org
//
// Please note that the above e-mail address is not a technical support
// inquiry address. If you need technical assistance, please visit
// http://www.softether.org/ and ask your question on the users forum.
//
// Thank you for your cooperation.
// Session.h
// Header of Session.c
#ifndef SESSION_H
#define SESSION_H
// Interval to increment the number of logins after the connection
#define NUM_LOGIN_INCREMENT_INTERVAL (30 * 1000)
// Packet adapter function
typedef bool (PA_INIT)(SESSION *s);
typedef CANCEL *(PA_GETCANCEL)(SESSION *s);
typedef UINT (PA_GETNEXTPACKET)(SESSION *s, void **data);
typedef bool (PA_PUTPACKET)(SESSION *s, void *data, UINT size);
typedef void (PA_FREE)(SESSION *s);
// Client related function
typedef void (CLIENT_STATUS_PRINTER)(SESSION *s, wchar_t *status);
// Node information
struct NODE_INFO
{
char ClientProductName[64]; // Client product name
UINT ClientProductVer; // Client version
UINT ClientProductBuild; // Client build number
char ServerProductName[64]; // Server product name
UINT ServerProductVer; // Server version
UINT ServerProductBuild; // Server build number
char ClientOsName[64]; // Client OS name
char ClientOsVer[128]; // Client OS version
char ClientOsProductId[64]; // Client OS Product ID
char ClientHostname[64]; // Client host name
UINT ClientIpAddress; // Client IP address
UINT ClientPort; // Client port number
char ServerHostname[64]; // Server host name
UINT ServerIpAddress; // Server IP address
UINT ServerPort; // Server port number
char ProxyHostname[64]; // Proxy host name
UINT ProxyIpAddress; // Proxy Server IP Address
UINT ProxyPort; // Proxy port number
char HubName[64]; // HUB name
UCHAR UniqueId[16]; // Unique ID
// The following is for IPv6 support
UCHAR ClientIpAddress6[16]; // Client IPv6 address
UCHAR ServerIpAddress6[16]; // Server IP address
UCHAR ProxyIpAddress6[16]; // Proxy Server IP Address
char Padding[304 - (16 * 3)]; // Padding
};
// Packet adapter
struct PACKET_ADAPTER
{
PA_INIT *Init;
PA_GETCANCEL *GetCancel;
PA_GETNEXTPACKET *GetNextPacket;
PA_PUTPACKET *PutPacket;
PA_FREE *Free;
void *Param;
};
// Session structure
struct SESSION
{
LOCK *lock; // Lock
REF *ref; // Reference counter
CEDAR *Cedar; // Cedar
bool LocalHostSession; // Local host session
bool ServerMode; // Server mode session
bool NormalClient; // Connecting session from a regular client (not such as localbridge)
bool LinkModeClient; // Link mode client
bool LinkModeServer; // Link mode server
bool SecureNATMode; // SecureNAT session
bool BridgeMode; // Bridge session
bool BridgeIsEthLoopbackBlock; // Loopback is disabled on the Ethernet level
bool VirtualHost; // Virtual host mode
bool L3SwitchMode; // Layer-3 switch mode
bool InProcMode; // In-process mode
THREAD *Thread; // Management thread
CONNECTION *Connection; // Connection
CLIENT_OPTION *ClientOption; // Client connection options
CLIENT_AUTH *ClientAuth; // Client authentication data
volatile bool Halt; // Halting flag
volatile bool CancelConnect; // Cancel the connection
EVENT *HaltEvent; // Halting event
UINT Err; // Error value
HUB *Hub; // HUB
CANCEL *Cancel1; // Cancel object 1
CANCEL *Cancel2; // Cancel object 2
PACKET_ADAPTER *PacketAdapter; // Packet adapter
UCHAR UdpSendKey[16]; // UDP encryption key for transmission
UCHAR UdpRecvKey[16]; // UDP encryption key for reception
UINT ClientStatus; // Client Status
bool RetryFlag; // Retry flag (client)
bool ForceStopFlag; // Forced stop flag (client)
UINT CurrentRetryCount; // Current retry counter (client)
UINT RetryInterval; // Retry interval (client)
bool ConnectSucceed; // Connection success flag (client)
bool SessionTimeOuted; // Session times out
UINT Timeout; // Time-out period
UINT64 NextConnectionTime; // Time to put next additional connection
IP ServerIP; // IP address of the server
bool ClientModeAndUseVLan; // Use a virtual LAN card in client mode
bool UseSSLDataEncryption; // Use SSL data encryption
LOCK *TrafficLock; // Traffic data lock
LINK *Link; // A reference to the link object
SNAT *SecureNAT; // A reference to the SecureNAT object
BRIDGE *Bridge; // A reference to the Bridge object
NODE_INFO NodeInfo; // Node information
UINT64 LastIncrementTraffic; // Last time that updated the traffic data of the user
bool AdministratorMode; // Administrator mode
LIST *CancelList; // Cancellation list
L3IF *L3If; // Layer-3 interface
IP DefaultDns; // IP address of the default DNS server
bool IPv6Session; // IPv6 session (Physical communication is IPv6)
UINT VLanId; // VLAN ID
UINT UniqueId; // Unique ID
UCHAR IpcMacAddress[6]; // MAC address for IPC
UCHAR Padding[2];
UINT64 CreatedTime; // Creation date and time
UINT64 LastCommTime; // Last communication date and time
TRAFFIC *Traffic; // Traffic data
TRAFFIC *OldTraffic; // Old traffic data
UINT64 TotalSendSize; // Total transmitted data size
UINT64 TotalRecvSize; // Total received data size
UINT64 TotalSendSizeReal; // Total transmitted data size (no compression)
UINT64 TotalRecvSizeReal; // Total received data size (no compression)
char *Name; // Session name
char *Username; // User name
char UserNameReal[MAX_USERNAME_LEN + 1]; // User name (real)
char GroupName[MAX_USERNAME_LEN + 1]; // Group name
POLICY *Policy; // Policy
UCHAR SessionKey[SHA1_SIZE]; // Session key
UINT SessionKey32; // 32bit session key
char SessionKeyStr[64]; // Session key string
UINT MaxConnection; // Maximum number of concurrent TCP connections
bool UseEncrypt; // Use encrypted communication
bool UseFastRC4; // Use high speed RC4 encryption
bool UseCompress; // Use data compression
bool HalfConnection; // Half connection mode
bool QoS; // VoIP / QoS
bool NoSendSignature; // Do not send a signature
bool IsOpenVPNL3Session; // Whether OpenVPN L3 session
bool IsOpenVPNL2Session; // Whether OpenVPN L2 session
UINT NumDisconnected; // Number of socket disconnection
bool NoReconnectToSession; // Disable to reconnect to the session
char UnderlayProtocol[64]; // Physical communication protocol
UINT64 FirstConnectionEstablisiedTime; // Connection completion time of the first connection
UINT64 CurrentConnectionEstablishTime; // Completion time of this connection
UINT NumConnectionsEatablished; // Number of connections established so far
UINT AdjustMss; // MSS adjustment value
bool IsRUDPSession; // Whether R-UDP session
UINT RUdpMss; // The value of the MSS should be applied while the R-UDP is used
bool EnableBulkOnRUDP; // Allow the bulk transfer in the R-UDP session
bool EnableHMacOnBulkOfRUDP; // Use the HMAC to sign the bulk transfer of R-UDP session
bool EnableUdpRecovery; // Enable the R-UDP recovery
bool UseUdpAcceleration; // Use of UDP acceleration mode
bool UseHMacOnUdpAcceleration; // Use the HMAC in the UDP acceleration mode
UDP_ACCEL *UdpAccel; // UDP acceleration
bool IsUsingUdpAcceleration; // Flag of whether the UDP acceleration is used
UINT UdpAccelMss; // MSS value to be applied while the UDP acceleration is used
bool UdpAccelFastDisconnectDetect; // Fast disconnection detection is enabled
bool IsAzureSession; // Whether the session via VPN Azure
IP AzureRealServerGlobalIp; // Real global IP of the server-side in the case of session via VPN Azure
ACCOUNT *Account; // Client account
UINT VLanDeviceErrorCount; // Number of times that the error occurred in the virtual LAN card
bool Win32HideConnectWindow; // Hide the status window
bool Win32HideNicInfoWindow; // Hide the NIC information window
bool UserCanceled; // Canceled by the user
UINT64 LastTryAddConnectTime; // Last time that attempted to add a connection
bool IsMonitorMode; // Whether the monitor mode
bool IsBridgeMode; // Whether the bridge mode
bool UseClientLicense; // Number of assigned client licenses
bool UseBridgeLicense; // Number of assigned bridge licenses
COUNTER *LoggingRecordCount; // Counter for the number of logging records
bool FreeInfoShowed; // Whether a warning about Free Edition has already displayed
bool Client_NoSavePassword; // Prohibit the password saving
wchar_t *Client_Message; // Message that has been sent from the server
LIST *DelayedPacketList; // Delayed packet list
UINT Flag1;
USER *NumLoginIncrementUserObject; // User objects to increment the nymber of logins
HUB *NumLoginIncrementHubObject; // Virtual HUB object to increment the number of logins
UINT64 NumLoginIncrementTick; // Time to perform increment a number of log
bool FirstTimeHttpRedirect; // Redirect HTTP only for the first time
char FirstTimeHttpRedirectUrl[128]; // URL for redirection only the first time
UINT FirstTimeHttpAccessCheckIp; // IP address for access checking
// To examine the maximum number of alowed logging target packets per minute
UINT64 MaxLoggedPacketsPerMinuteStartTick; // Inspection start time
UINT CurrentNumPackets; // Current number of packets
// Measures for D-Link bug
UINT64 LastDLinkSTPPacketSendTick; // Last D-Link STP packet transmission time
UCHAR LastDLinkSTPPacketDataHash[MD5_SIZE]; // Last D-Link STP packet hash
};
// Password dialog
struct UI_PASSWORD_DLG
{
UINT Type; // Type of password
char Username[MAX_USERNAME_LEN + 1]; // User name
char Password[MAX_PASSWORD_LEN + 1]; // Password
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
UINT RetryIntervalSec; // Time to retry
EVENT *CancelEvent; // Event to cancel the dialog display
bool ProxyServer; // The authentication by the proxy server
UINT64 StartTick; // Start time
bool AdminMode; // Administrative mode
bool ShowNoSavePassword; // Whether to display a check box that does not save the password
bool NoSavePassword; // Mode that not to save the password
SOCK *Sock; // Socket
};
// Message dialog
struct UI_MSG_DLG
{
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
char HubName[MAX_HUBNAME_LEN + 1]; // Virtual HUB name
wchar_t *Msg; // Body
SOCK *Sock; // Socket
bool Halt; // Flag to close
};
// NIC information
struct UI_NICINFO
{
wchar_t AccountName[MAX_SIZE]; // Connection setting name
char NicName[MAX_SIZE]; // Virtual NIC name
SOCK *Sock; // Socket
bool Halt; // Flag to close
ROUTE_CHANGE *RouteChange; // Routing table change notification
UINT CurrentIcon; // Current icon
UINT64 CloseAfterTime; // Close automatically
};
// Connection Error dialog
struct UI_CONNECTERROR_DLG
{
EVENT *CancelEvent; // Event to cancel the dialog display
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
UINT Err; // Error code
UINT CurrentRetryCount; // Current retry count
UINT RetryLimit; // Limit of the number of retries
UINT64 StartTick; // Start time
UINT RetryIntervalSec; // Time to retry
bool HideWindow; // Hide the window
SOCK *Sock; // Socket
};
// Server certificate checking dialog
struct UI_CHECKCERT
{
wchar_t AccountName[MAX_ACCOUNT_NAME_LEN + 1]; // Account name
char ServerName[MAX_HOST_NAME_LEN + 1]; // Server name
X *x; // Server certificate
X *parent_x; // Parent certificate
X *old_x; // Certificate of previous
bool DiffWarning; // Display a warning of certificate forgery
bool Ok; // Connection permission flag
bool SaveServerCert; // Save the server certificate
SESSION *Session; // Session
volatile bool Halt; // Halting flag
SOCK *Sock; // Socket
};
// Function prototype
SESSION *NewClientSessionEx(CEDAR *cedar, CLIENT_OPTION *option, CLIENT_AUTH *auth, PACKET_ADAPTER *pa, struct ACCOUNT *account);
SESSION *NewClientSession(CEDAR *cedar, CLIENT_OPTION *option, CLIENT_AUTH *auth, PACKET_ADAPTER *pa);
SESSION *NewRpcSession(CEDAR *cedar, CLIENT_OPTION *option);
SESSION *NewRpcSessionEx(CEDAR *cedar, CLIENT_OPTION *option, UINT *err, char *client_str);
SESSION *NewRpcSessionEx2(CEDAR *cedar, CLIENT_OPTION *option, UINT *err, char *client_str, void *hWnd);
SESSION *NewServerSession(CEDAR *cedar, CONNECTION *c, HUB *h, char *username, POLICY *policy);
SESSION *NewServerSessionEx(CEDAR *cedar, CONNECTION *c, HUB *h, char *username, POLICY *policy, bool inproc_mode);
void ClientThread(THREAD *t, void *param);
void ReleaseSession(SESSION *s);
void CleanupSession(SESSION *s);
void StopSession(SESSION *s);
void StopSessionEx(SESSION *s, bool no_wait);
bool SessionConnect(SESSION *s);
bool ClientConnect(CONNECTION *c);
int CompareSession(void *p1, void *p2);
PACKET_ADAPTER *NewPacketAdapter(PA_INIT *init, PA_GETCANCEL *getcancel, PA_GETNEXTPACKET *getnext,
PA_PUTPACKET *put, PA_FREE *free);
void FreePacketAdapter(PACKET_ADAPTER *pa);
void SessionMain(SESSION *s);
void NewSessionKey(CEDAR *cedar, UCHAR *session_key, UINT *session_key_32);
SESSION *GetSessionFromKey(CEDAR *cedar, UCHAR *session_key);
SESSION *GetSessionFromKey32(CEDAR *cedar, UINT key32);
void DebugPrintSessionKey(UCHAR *session_key);
void ClientAdditionalConnectChance(SESSION *s);
void SessionAdditionalConnect(SESSION *s);
void ClientAdditionalThread(THREAD *t, void *param);
void PrintSessionTotalDataSize(SESSION *s);
void AddTrafficForSession(SESSION *s, TRAFFIC *t);
void IncrementUserTraffic(HUB *hub, char *username, SESSION *s);
void Notify(SESSION *s, UINT code);
void PrintStatus(SESSION *s, wchar_t *str);
LIST *NewCancelList();
void ReleaseCancelList(LIST *o);
void AddCancelList(LIST *o, CANCEL *c);
void CancelList(LIST *o);
bool CompareNodeInfo(NODE_INFO *a, NODE_INFO *b);
bool IsPriorityHighestPacketForQoS(void *data, UINT size);
UINT GetNextDelayedPacketTickDiff(SESSION *s);
#endif // SESSION_H
// Developed by SoftEther VPN Project at University of Tsukuba in Japan.
// Department of Computer Science has dozens of overly-enthusiastic geeks.
// Join us: http://www.tsukuba.ac.jp/english/admission/
|